From 879ec060023da082b44c6573bc7457fb608bc637 Mon Sep 17 00:00:00 2001
From: Andrea Dell'Amico <andrea.dellamico@isti.cnr.it>
Date: Fri, 10 Jul 2020 19:35:04 +0200
Subject: [PATCH] We can specify both the postfix relay and the group of the
 process that will send mail.

---
 templates/iptables-rules.v4.j2 | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/templates/iptables-rules.v4.j2 b/templates/iptables-rules.v4.j2
index 322bbb7..67a4fda 100644
--- a/templates/iptables-rules.v4.j2
+++ b/templates/iptables-rules.v4.j2
@@ -244,7 +244,7 @@
 -A OUTPUT -p tcp -m multiport --dports 25,587,465 -s 127.0.0.1 -d 127.0.0.1 -j ACCEPT
 {% if postfix_smtp_relay_servers is defined %}
 {% for host in postfix_smtp_relay_servers %}
--A OUTPUT -p tcp -m multiport --dports 25,587,465 -m owner --gid-owner postfix -d {{ host }} -j ACCEPT
+-A OUTPUT -p tcp -m multiport --dports 25,587,465 -m owner --gid-owner {{ host.group }} -d {{ host.name }} -j ACCEPT
 {% endfor %}
 {% else %}
 -A OUTPUT -p tcp -m multiport --dports 25,587,465 -m owner --gid-owner postfix -d {{ postfix_relay_host }} -j ACCEPT